NCBA Bank Kenya is facing renewed criticism after a troubling case involving a customer who lost Ksh 15,000 through a fraudulent online transaction.
The customer explained that they had never used their debit card for any online activity, had not enabled online payment features, and had only used the card once at an ATM.
Despite this, NCBA processed a transaction in euros linked to the card. When the customer raised the matter at the Kenyatta Avenue branch and later at the bank’s head office in Upper Hill, they were simply told to wait 35 working days for internal investigations a response that has become all too common for aggrieved customers.
After the long wait, the bank informed the customer via email that the transaction had been found to be legitimate. This decision came even though the customer repeatedly denied authorizing or initiating it.
NCBA claimed that a One-Time Password (OTP) had been sent to the customer’s email and phone via SMS, but the customer never received any notification. In an even more alarming twist, the customer later discovered their email account had been deleted and had to be recovered raising serious questions about possible unauthorized access to private information, information NCBA had full access to.
Cyprian Is Nyakundi was contacted directly by the victim, who shared a detailed account of the ordeal. The victim explained how the bank offered no meaningful support, repeatedly blamed them for the fraud, and ultimately left them with no refund.
In their own words, they asked, “Can it be an inside fraud case at NCBA? Because they had my email and card details.” They called for others who have suffered similar incidents to join them in a potential lawsuit.
This is not an isolated complaint. NCBA, a product of the 2019 merger between NIC Bank and Commercial Bank of Africa, promotes itself as a modern, digital-first bank. However, many current and former customers believe its digital systems are deeply flawed.
Some suggest that insiders or weak third-party controls could be contributing to these fraud cases especially as many affected customers had never activated their cards for online use or shared their credentials.
More troubling are reports from other customers who describe similar issues ATM withdrawals where money disappears, unexplained deductions from accounts, and fraud cases that remain unresolved for months.
Many say they are met with silence or vague promises of investigations that never lead to real outcomes.The most pressing question is whether NCBA has the technical and ethical capacity to protect customers’ money and private information in the digital systems it relies on.
And if a breach happens, will the bank take responsibility and provide fair redress? In this case, the answer so far has been a clear no.
We at Leaked.co.ke are continuing to follow this developing story and encourage anyone who has experienced suspicious activity, failed reversals, or data issues with NCBA to reach out.
The silence from NCBA’s top leadership only adds to the suspicion. A full independent audit of the bank’s digital fraud response and internal access controls is long overdue.
For customers who trusted NCBA with their hard-earned savings, this is more than a technical issue it’s a betrayal.
Add Comment